#include "suricata-common.h"#include "suricata.h"#include "detect.h"#include "flow.h"#include "flow-private.h"#include "flow-bit.h"#include "detect-parse.h"#include "detect-engine.h"#include "detect-engine-profile.h"#include "detect-engine-alert.h"#include "detect-engine-siggroup.h"#include "detect-engine-address.h"#include "detect-engine-proto.h"#include "detect-engine-port.h"#include "detect-engine-mpm.h"#include "detect-engine-iponly.h"#include "detect-engine-threshold.h"#include "detect-engine-prefilter.h"#include "rust.h"#include "detect-engine-payload.h"#include "detect-dns-name.h"#include "detect-dns-response.h"#include "detect-tls-sni.h"#include "detect-tls-certs.h"#include "detect-tls-cert-fingerprint.h"#include "detect-tls-cert-issuer.h"#include "detect-tls-cert-subject.h"#include "detect-tls-cert-serial.h"#include "detect-tls-alpn.h"#include "detect-tls-subjectaltname.h"#include "detect-tls-random.h"#include "detect-tls-ja3-hash.h"#include "detect-tls-ja3-string.h"#include "detect-tls-ja3s-hash.h"#include "detect-tls-ja3s-string.h"#include "detect-engine-state.h"#include "detect-engine-analyzer.h"#include "detect-http-cookie.h"#include "detect-http-method.h"#include "detect-http-ua.h"#include "detect-http-host.h"#include "detect-mark.h"#include "detect-nfs-version.h"#include "detect-engine-event.h"#include "decode.h"#include "detect-config.h"#include "detect-smtp.h"#include "detect-base64-decode.h"#include "detect-base64-data.h"#include "detect-ipaddr.h"#include "detect-ipopts.h"#include "detect-tcp-flags.h"#include "detect-fragbits.h"#include "detect-fragoffset.h"#include "detect-gid.h"#include "detect-tcp-ack.h"#include "detect-tcp-seq.h"#include "detect-content.h"#include "detect-uricontent.h"#include "detect-pcre.h"#include "detect-depth.h"#include "detect-nocase.h"#include "detect-rawbytes.h"#include "detect-bytetest.h"#include "detect-bytemath.h"#include "detect-bytejump.h"#include "detect-sameip.h"#include "detect-l3proto.h"#include "detect-ipproto.h"#include "detect-within.h"#include "detect-distance.h"#include "detect-offset.h"#include "detect-sid.h"#include "detect-prefilter.h"#include "detect-priority.h"#include "detect-classtype.h"#include "detect-reference.h"#include "detect-tag.h"#include "detect-threshold.h"#include "detect-metadata.h"#include "detect-msg.h"#include "detect-rev.h"#include "detect-flow.h"#include "detect-flow-age.h"#include "detect-flow-pkts.h"#include "detect-flow-elephant.h"#include "detect-requires.h"#include "detect-tcp-window.h"#include "detect-tcp-wscale.h"#include "detect-ftpbounce.h"#include "detect-ftp-dynamic-port.h"#include "detect-isdataat.h"#include "detect-id.h"#include "detect-rpc.h"#include "detect-asn1.h"#include "detect-filename.h"#include "detect-filestore.h"#include "detect-filemagic.h"#include "detect-filemd5.h"#include "detect-filesha1.h"#include "detect-filesha256.h"#include "detect-filesize.h"#include "detect-dataset.h"#include "detect-datarep.h"#include "detect-dsize.h"#include "detect-flowvar.h"#include "detect-flowint.h"#include "detect-pktvar.h"#include "detect-noalert.h"#include "detect-flowbits.h"#include "detect-hostbits.h"#include "detect-xbits.h"#include "detect-csum.h"#include "detect-stream_size.h"#include "detect-engine-sigorder.h"#include "detect-ttl.h"#include "detect-fast-pattern.h"#include "detect-itype.h"#include "detect-icode.h"#include "detect-icmp-id.h"#include "detect-icmp-seq.h"#include "detect-icmpv4hdr.h"#include "detect-igmphdr.h"#include "detect-igmp-type.h"#include "detect-urilen.h"#include "detect-bsize.h"#include "detect-detection-filter.h"#include "detect-http-client-body.h"#include "detect-http-server-body.h"#include "detect-http-header.h"#include "detect-http-header-names.h"#include "detect-http-headers.h"#include "detect-http-raw-header.h"#include "detect-http-uri.h"#include "detect-http-protocol.h"#include "detect-http-start.h"#include "detect-http-stat-msg.h"#include "detect-http-request-line.h"#include "detect-http-response-line.h"#include "detect-http2.h"#include "detect-byte-extract.h"#include "detect-file-data.h"#include "detect-pkt-data.h"#include "detect-replace.h"#include "detect-tos.h"#include "detect-app-layer-event.h"#include "detect-app-layer-state.h"#include "detect-lua.h"#include "detect-iprep.h"#include "detect-geoip.h"#include "detect-app-layer-protocol.h"#include "detect-template.h"#include "detect-tcphdr.h"#include "detect-tcpmss.h"#include "detect-udphdr.h"#include "detect-etherhdr.h"#include "detect-icmpv6hdr.h"#include "detect-icmpv6-mtu.h"#include "detect-ipv4hdr.h"#include "detect-ipv6hdr.h"#include "detect-krb5-cname.h"#include "detect-krb5-errcode.h"#include "detect-krb5-sname.h"#include "detect-krb5-ticket-encryption.h"#include "detect-sip-method.h"#include "detect-sip-uri.h"#include "detect-target.h"#include "detect-ja4-hash.h"#include "detect-ftp-command.h"#include "detect-entropy.h"#include "detect-ftp-command-data.h"#include "detect-ftp-completion-code.h"#include "detect-ftp-reply.h"#include "detect-ftp-mode.h"#include "detect-ftp-reply-received.h"#include "detect-bypass.h"#include "detect-ftpdata.h"#include "detect-engine-content-inspection.h"#include "detect-transform-pcrexform.h"#include "detect-transform-luaxform.h"#include "util-rule-vars.h"#include "app-layer.h"#include "app-layer-protos.h"#include "app-layer-htp.h"#include "app-layer-smtp.h"#include "detect-frame.h"#include "detect-tls.h"#include "detect-tls-cert-validity.h"#include "detect-tls-version.h"#include "detect-http-stat-code.h"#include "detect-ssl-version.h"#include "detect-ssl-state.h"#include "detect-modbus.h"#include "detect-dnp3.h"#include "detect-vlan.h"#include "detect-email.h"#include "action-globals.h"#include "tm-threads.h"#include "pkt-var.h"#include "conf.h"#include "conf-yaml-loader.h"#include "stream-tcp.h"#include "stream-tcp-inline.h"#include "util-lua.h"#include "util-var-name.h"#include "util-classification-config.h"#include "util-threshold-config.h"#include "util-print.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "util-debug.h"#include "util-hashlist.h"#include "util-privs.h"#include "util-profiling.h"#include "util-validate.h"#include "util-optimize.h"#include "util-path.h"#include "util-mpm-ac.h"#include "runmodes.h"Go to the source code of this file.
Macros | |
| #define | ARRAY_CAP_STEP 16 |
Functions | |
| bool | SCSigTableHasKeyword (const char *keyword) |
| Check if a keyword exists. More... | |
| int | SigTableList (const char *keyword) |
| void | SCDetectHelperKeywordSetCleanCString (uint16_t id) |
| void | SigTableCleanup (void) |
| int | SCSigTablePreRegister (void(*KeywordsRegister)(void)) |
| void | SigTableInit (void) |
| void | SigTableSetup (void) |
| void | SigTableRegisterTests (void) |
Variables | |
| int | DETECT_TBLSIZE = 0 |
| int | DETECT_TBLSIZE_IDX = DETECT_TBLSIZE_STATIC |
Detailed Description
Definition in file detect-engine-register.c.
Macro Definition Documentation
◆ ARRAY_CAP_STEP
| #define ARRAY_CAP_STEP 16 |
Definition at line 488 of file detect-engine-register.c.
Function Documentation
◆ SCDetectHelperKeywordSetCleanCString()
| void SCDetectHelperKeywordSetCleanCString | ( | uint16_t | id | ) |
Definition at line 467 of file detect-engine-register.c.
References SigTableElmt_::Cleanup, and sigmatch_table.
◆ SCSigTableHasKeyword()
| bool SCSigTableHasKeyword | ( | const char * | keyword | ) |
Check if a keyword exists.
Definition at line 368 of file detect-engine-register.c.
References DETECT_TBLSIZE, name, SigTableElmt_::name, and sigmatch_table.
◆ SCSigTablePreRegister()
| int SCSigTablePreRegister | ( | void(*)(void) | KeywordsRegister | ) |
Definition at line 496 of file detect-engine-register.c.
◆ SigTableCleanup()
| void SigTableCleanup | ( | void | ) |
Definition at line 472 of file detect-engine-register.c.
References SigTableElmt_::Cleanup, DETECT_TBLSIZE, SCFree, and sigmatch_table.
Referenced by GlobalsDestroy().
◆ SigTableInit()
| void SigTableInit | ( | void | ) |
Definition at line 512 of file detect-engine-register.c.
References DETECT_TBLSIZE, DETECT_TBLSIZE_STATIC, DETECT_TBLSIZE_STEP, FatalError, SCCalloc, and sigmatch_table.
Referenced by ListKeywords(), LLVMFuzzerTestOneInput(), PostConfLoadedSetup(), and RunUnittests().
◆ SigTableList()
| int SigTableList | ( | const char * | keyword | ) |
Definition at line 385 of file detect-engine-register.c.
References DETECT_TBLSIZE, name, SigTableElmt_::name, and sigmatch_table.
Referenced by ListKeywords().
◆ SigTableRegisterTests()
| void SigTableRegisterTests | ( | void | ) |
Definition at line 770 of file detect-engine-register.c.
References coverage_unittests, DETECT_TBLSIZE, g_ut_covered, g_ut_modules, name, SigTableElmt_::RegisterTests, SCLogDebug, SCLogWarning, and sigmatch_table.
◆ SigTableSetup()
| void SigTableSetup | ( | void | ) |
Definition at line 524 of file detect-engine-register.c.
References DetectAckRegister(), DetectAppLayerEventRegister(), DetectAppLayerProtocolRegister(), DetectAppLayerStateRegister(), DetectAsn1Register(), DetectBase64DataRegister(), DetectBase64DecodeRegister(), DetectBsizeRegister(), DetectBypassRegister(), DetectByteExtractRegister(), DetectBytejumpRegister(), DetectBytemathRegister(), DetectBytetestRegister(), DetectClasstypeRegister(), DetectConfigRegister(), DetectContentRegister(), DetectCsumRegister(), DetectDatarepRegister(), DetectDatasetRegister(), DetectDepthRegister(), DetectDetectionFilterRegister(), DetectDistanceRegister(), DetectDNP3Register(), DetectDnsNameRegister(), DetectDnsResponseRegister(), DetectDsizeRegister(), DetectEngineEventRegister(), DetectEntropyRegister(), DetectEtherhdrRegister(), DetectFastPatternRegister(), DetectFiledataRegister(), DetectFilemagicRegister(), DetectFileMd5Register(), DetectFilenameRegister(), DetectFileSha1Register(), DetectFileSha256Register(), DetectFilesizeRegister(), DetectFilestoreRegister(), DetectFlagsRegister(), DetectFlowAgeRegister(), DetectFlowbitsRegister(), DetectFlowBytesRegister(), DetectFlowBytesToClientRegister(), DetectFlowBytesToServerRegister(), DetectFlowElephantRegister(), DetectFlowintRegister(), DetectFlowPktsRegister(), DetectFlowPktsToClientRegister(), DetectFlowPktsToServerRegister(), DetectFlowRegister(), DetectFlowvarRegister(), DetectFragBitsRegister(), DetectFragOffsetRegister(), DetectFrameRegister(), DetectFtpbounceRegister(), DetectFtpCommandDataRegister(), DetectFtpCommandRegister(), DetectFtpCompletionCodeRegister(), DetectFtpdataRegister(), DetectFtpDynamicPortRegister(), DetectFtpModeRegister(), DetectFtpReplyReceivedRegister(), DetectFtpReplyRegister(), DetectGeoipRegister(), DetectGidRegister(), DetectHostbitsRegister(), DetectHttp2Register(), DetectHttpClientBodyRegister(), DetectHttpCookieRegister(), DetectHttpHeaderNamesRegister(), DetectHttpHeaderRegister(), DetectHttpHeadersRegister(), DetectHttpHHRegister(), DetectHttpMethodRegister(), DetectHttpProtocolRegister(), DetectHttpRawHeaderRegister(), DetectHttpRequestHeaderRegister(), DetectHttpRequestLineRegister(), DetectHttpResponseHeaderRegister(), DetectHttpResponseLineRegister(), DetectHttpServerBodyRegister(), DetectHttpStartRegister(), DetectHttpStatCodeRegister(), DetectHttpStatMsgRegister(), DetectHttpUARegister(), DetectHttpUriRegister(), DetectIcmpIdRegister(), DetectIcmpSeqRegister(), DetectIcmpv4HdrRegister(), DetectICMPv6hdrRegister(), DetectICMPv6mtuRegister(), DetectICodeRegister(), DetectIdRegister(), DetectIGMPHdrRegister(), DetectIGMPTypeRegister(), DetectIPAddrBufferRegister(), DetectIpOptsRegister(), DetectIPProtoRegister(), DetectIPRepRegister(), DetectIpv4hdrRegister(), DetectIpv6hdrRegister(), DetectIsdataatRegister(), DetectITypeRegister(), DetectJa4HashRegister(), DetectKrb5CNameRegister(), DetectKrb5ErrCodeRegister(), DetectKrb5SNameRegister(), DetectKrb5TicketEncryptionRegister(), DetectL3ProtoRegister(), DetectLuaRegister(), DetectMarkRegister(), DetectMetadataRegister(), DetectModbusRegister(), DetectMsgRegister(), DetectNfsVersionRegister(), DetectNoalertRegister(), DetectNocaseRegister(), DetectOffsetRegister(), DetectPcreRegister(), DetectPktDataRegister(), DetectPktvarRegister(), DetectPrefilterRegister(), DetectPriorityRegister(), DetectRawbytesRegister(), DetectReferenceRegister(), DetectRegisterAppLayerHookLists(), DetectReplaceRegister(), DetectRequiresRegister(), DetectRevRegister(), DetectRpcRegister(), DetectSameipRegister(), DetectSeqRegister(), DetectSidRegister(), DetectSipMethodRegister(), DetectSipUriRegister(), DetectSslStateRegister(), DetectSslVersionRegister(), DetectStreamSizeRegister(), DetectTagRegister(), DetectTargetRegister(), DetectTcphdrRegister(), DetectTcpmssRegister(), DetectTcpWscaleRegister(), DetectTemplateRegister(), DetectThresholdRegister(), DetectTlsAlpnRegister(), DetectTlsCertChainLenRegister(), DetectTlsCertsRegister(), DetectTlsFingerprintRegister(), DetectTlsIssuerRegister(), DetectTlsJa3HashRegister(), DetectTlsJa3SHashRegister(), DetectTlsJa3SStringRegister(), DetectTlsJa3StringRegister(), DetectTlsRandomRegister(), DetectTlsRegister(), DetectTlsSerialRegister(), DetectTlsSniRegister(), DetectTlsSubjectAltNameRegister(), DetectTlsSubjectRegister(), DetectTlsValidityRegister(), DetectTlsVersionRegister(), DetectTosRegister(), DetectTransformLuaxformRegister(), DetectTransformPcrexformRegister(), DetectTtlRegister(), DetectUdphdrRegister(), DetectUricontentRegister(), DetectUrilenRegister(), DetectWindowRegister(), DetectWithinRegister(), and DetectXbitsRegister().
Referenced by ListKeywords(), LLVMFuzzerTestOneInput(), and RunUnittests().
Variable Documentation
◆ DETECT_TBLSIZE
| int DETECT_TBLSIZE = 0 |
Definition at line 263 of file detect-engine-register.c.
Referenced by PrefilterSetupRuleGroup(), SCDetectHelperNewKeywordId(), SCProfilingKeywordThreadSetup(), SCProfilingKeywordUpdateCounter(), SCSigTableHasKeyword(), SigMatchStrictEnabled(), SigTableApplyStrictCommandLineOption(), SigTableCleanup(), SigTableInit(), SigTableList(), and SigTableRegisterTests().
◆ DETECT_TBLSIZE_IDX
| int DETECT_TBLSIZE_IDX = DETECT_TBLSIZE_STATIC |
Definition at line 264 of file detect-engine-register.c.
Referenced by SCDetectHelperNewKeywordId().
